KB_150113: How To install a commercial SOAP certificate on IDENTIKEY Authentication Server.5/23/2017 2:59:17 PM
This is a step by step example on how to install a commercial (Go Daddy) SOAP certificate on the IDENTIKEY Authentication Server.
Problem symptoms / details.
After using the IDENTIKEY Authentication Server (IAS) Configuration Wizard tool to generate a CSR (Certificate signing request) and sending it to the CA (Go Daddy), the user receives 4 files: the private key, the private key password, the signed certificate and the certificate of the CA.
With these files you can install the certificate using the IAS Configuration Wizard.
To install the certificate, you do not need to change the Default settings of the SOAP protocol in the IAS configuration.
Start the IAS Configuration wizard to install SSL server certificate:
In the first field you need to add the private key:
And the Private Key password
In the second field, enter the signed Server certificate:
And in the last field, enter the certificate of the CA (Go Daddy in our example)
After the import, you can verify that the certificate is used by browsing to the SOAP port of the IAS (8888 by default) and looking in the browser for the certificate used.
(We use Firefox in our example, but you can do the same in other browsers)
The next step is to make the webadmin trust the new certificate.
For IAS until version 3.8
this can be done by a redeploy of the webadmin using the IAS configuration wizard
For IAS versions 3.9 and higher:
Use the admintool.bat from the “IAS web administration” in a command prompt window:
List/delete the existing server:
List/delete the existing certificate:
Autoadd the server and the certificate:
If all is working, you should be able to login into the webadmin again.
Applies to: IDENTIKEY Authentication Server 3.x
KB 150113– 23/05/2017
© 2014 VASCO Data Security. All rights reserved.